package cn.com.geoway.booksystem.controller;

import javax.annotation.Resource;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import cn.com.geoway.booksystem.dao.UserDao;
import cn.com.geoway.booksystem.entity.User;
import cn.com.geoway.booksystem.util.CryptographyUtil;

import net.sf.json.JSONObject;

import java.util.concurrent.TimeUnit;


@Controller
@RequestMapping("/user")
public class UserController {

	@Resource
	RedisTemplate<String, Object> redisCacheTemplate;
	@Resource
	StringRedisTemplate stringRedisTemplate;
	
	@Resource
	private UserDao  userDao;

	
	/**
	 * 用户登入
	 * /user/login
	 */
	@ResponseBody
	@RequestMapping("/login")
	public JSONObject login(String name,String password)throws Exception {
		JSONObject result = new JSONObject();

		//获取 subject
		Subject subject=SecurityUtils.getSubject();
		//封装用户数据
		UsernamePasswordToken token=new UsernamePasswordToken(name,CryptographyUtil.md5(password, "java"));

		try {
			//执行登陆  shiro的登陆
			subject.login(token);
			//执行登陆  shiro的登陆

			result.put("success", true);
			result.put("msg","登陆成功");
			User user = userDao.findByName(name);
			SecurityUtils.getSubject().getSession().setAttribute("currentUser", user); //把当前用户信息存到session中
		} catch (UnknownAccountException e) {
			result.put("success", false);
			result.put("msg","用户名不存在");
		}catch (IncorrectCredentialsException e) {
			result.put("success", false);
			result.put("msg","密码错误");
		}
		return result;
	}
	/*public JSONObject login(String name, String password, HttpServletRequest req)throws Exception {
		JSONObject result = new JSONObject();

		//获取 subject
		Subject subject=SecurityUtils.getSubject();
		//封装用户数据
		UsernamePasswordToken token=new UsernamePasswordToken(name,CryptographyUtil.md5(password, "java"));
		
		try {
			//执行登陆  shiro的登陆
			subject.login(token);
			//执行登陆  shiro的登陆

			HttpSession session = req.getSession();
			//stringRedisTemplate.delete(name);
			String sessionId = stringRedisTemplate.opsForValue().get(name);
			if (sessionId!=null && !"".equals(sessionId)) {
				result.put("success", false);
				result.put("msg","该账号已登录，请您更换账号进行登录！");
			} else {
				stringRedisTemplate.opsForValue().set(name, session.getId(),10000, TimeUnit.SECONDS);
				result.put("success", true);
				result.put("msg", "登陆成功");
				User user = userDao.findByName(name);
				SecurityUtils.getSubject().getSession().setAttribute("currentUser", user); //把当前用户信息存到session中
			}
		*//*	// 获取application对象
			HttpSession session = req.getSession();
			*//**//*ServletContext application = session.getServletContext();*//**//*
			ServletContext application= req.getServletContext();
			String sessionId = (String) application.getAttribute(name); //获取登录用户的 sessionId

			if (sessionId!=null && !"".equals(sessionId)) {
				*//**//*this.setMsg("该账号已登录，请您更换账号进行登录！");
				return "errors";*//**//*
				result.put("success", false);
				result.put("msg","该账号已登录，请您更换账号进行登录！");
			} else {
				application.setAttribute(name, session.getId());//设置登录用户的 sessionId
				result.put("success", true);
				result.put("msg","登陆成功");
				User user = userDao.findByName(name);
				SecurityUtils.getSubject().getSession().setAttribute("currentUser", user); //把当前用户信息存到session中
			}
*//*

		*//*	result.put("success", true);
			result.put("msg","登陆成功");
			User user = userDao.findByName(name);
			SecurityUtils.getSubject().getSession().setAttribute("currentUser", user); //把当前用户信息存到session中*//*
		} catch (UnknownAccountException e) {
			result.put("success", false);
			result.put("msg","用户名不存在");
		}catch (IncorrectCredentialsException e) {
			result.put("success", false);
			result.put("msg","密码错误");
		}
		return result;
	}*/
	
	
	/**
	 * 注销
	 *  /user/logout
	 * @throws Exception
	 */
	@RequestMapping("/logout")
	public String logout()throws Exception{
		SecurityUtils.getSubject().logout(); //shiro的退出
		return "redirect:/login";
	}
	/*public String logout(String name,HttpServletRequest req)throws Exception{

		HttpSession session = req.getSession();
		stringRedisTemplate.delete(name);
	*//*	ServletContext application = session.getServletContext();
		application.removeAttribute(name);//系统退出，移除该用户的sessionId*//*

		SecurityUtils.getSubject().logout(); //shiro的退出
		return "redirect:/login";
	}*/
	
	
}
